Anonymous accused of hijacking home routers

The international hacking collective Anonymous is being accused of hijacking tens of thousands of home and office Internet routers around the world in order to launch cyberattacks.

Hackers exploited routers’ lax security to infect them with malware, creating what is known as a “botnet,” or group of zombie computers used by outside users for malicious purposes. Anonymous is one of several groups believed to be involved.

ADVERTISEMENT

The botnet was discovered by Incapsula, a security firm, which published its findings on Tuesday.

“The attacks we will describe are enabled by what we perceive as particularly reckless security practices,” the report stated.

“Despite our best efforts, many of these botnet devices remain active, continuing to play a role in attack attempts against our clients and other websites.”

The discovery points to two problematic trends: hackers’ rising sophistication, which has made botnets a growing problem, and serious security vulnerabilities in the routers used by everyday Internet users.

A crucial part of the threat Incapsula identified is the botnet’s ability to co-opt new machines: hijacked routers scan for vulnerabilities in other routers and automatically exploit them to grow the botnet over time.

“For perpetrators, this is like shooting fish in a barrel, which makes each of the scans that much more effective,” the report stated.

“Using this botnet also enables perpetrators to execute distributed scans, improving their changes against commonplace blacklisting, rate-limiting and reputation-based defense mechanisms.”

Incapsula said many computers that are part of the botnet report back to AnonOps.com, one piece of evidence linking the hacking campaign to the group.